1 files changed, 53 insertions, 1 deletions
diff --git a/fs/namespace.c b/fs/namespace.c
index 50ca17d3cb45..d581e45c0a9f 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -798,6 +798,10 @@ static struct mount *clone_mnt(struct mount *old, struct dentry *root,
        }
        mnt->mnt.mnt_flags = old->mnt.mnt_flags & ~MNT_WRITE_HOLD;
+        /* Don't allow unprivileged users to change mount flags */
+        if ((flag & CL_UNPRIVILEGED) && (mnt->mnt.mnt_flags & MNT_READONLY))
+                mnt->mnt.mnt_flags |= MNT_LOCK_READONLY;
        atomic_inc(&sb->s_active);
        mnt->mnt.mnt_sb = sb;
        mnt->mnt.mnt_root = dget(root);
@@ -1713,6 +1717,9 @@ static int change_mount_flags(struct vfsmount *mnt, int ms_flags)
        if (readonly_request == __mnt_is_readonly(mnt))
                return 0;
+        if (mnt->mnt_flags & MNT_LOCK_READONLY)
+                return -EPERM;
        if (readonly_request)
                error = mnt_make_readonly(real_mount(mnt));
        else
@@ -2339,7 +2346,7 @@ static struct mnt_namespace *dup_mnt_ns(struct mnt_namespace *mnt_ns,
        /* First pass: copy the tree topology */
        copy_flags = CL_COPY_ALL | CL_EXPIRE;
        if (user_ns != mnt_ns->user_ns)
-                copy_flags |= CL_SHARED_TO_SLAVE;
+                copy_flags |= CL_SHARED_TO_SLAVE | CL_UNPRIVILEGED;
        new = copy_tree(old, old->mnt.mnt_root, copy_flags);
        if (IS_ERR(new)) {
                up_write(&namespace_sem);
@@ -2732,6 +2739,51 @@ bool our_mnt(struct vfsmount *mnt)
        return check_mnt(real_mount(mnt));
 }
+bool current_chrooted(void)
+{
+        /* Does the current process have a non-standard root */
+        struct path ns_root;
+        struct path fs_root;
+        bool chrooted;
+        /* Find the namespace root */
+        ns_root.mnt = &current->nsproxy->mnt_ns->root->mnt;
+        ns_root.dentry = ns_root.mnt->mnt_root;
+        path_get(&ns_root);
+        while (d_mountpoint(ns_root.dentry) && follow_down_one(&ns_root))
+                ;
+        get_fs_root(current->fs, &fs_root);
+        chrooted = !path_equal(&fs_root, &ns_root);
+        path_put(&fs_root);
+        path_put(&ns_root);
+        return chrooted;
+}
+void update_mnt_policy(struct user_namespace *userns)
+{
+        struct mnt_namespace *ns = current->nsproxy->mnt_ns;
+        struct mount *mnt;
+        down_read(&namespace_sem);
+        list_for_each_entry(mnt, &ns->list, mnt_list) {
+                switch (mnt->mnt.mnt_sb->s_magic) {
+                case SYSFS_MAGIC:
+                        userns->may_mount_sysfs = true;
+                        break;
+                case PROC_SUPER_MAGIC:
+                        userns->may_mount_proc = true;
+                        break;
+                }
+                if (userns->may_mount_sysfs && userns->may_mount_proc)
+                        break;
+        }
+        up_read(&namespace_sem);
+}
 static void *mntns_get(struct task_struct *task)
 {
        struct mnt_namespace *ns = NULL;

diff --git a/fs/namespace.c b/fs/namespace.c index 50ca17d3cb45..d581e45c0a9f 100644 --- a/fs/namespace.c +++ b/fs/namespace.c
@@ -798,6 +798,10 @@ static struct mount clone_mnt(struct mount old, struct dentry *root,
798	}	798	}
799		799
800	mnt->mnt.mnt_flags = old->mnt.mnt_flags & ~MNT_WRITE_HOLD;	800	mnt->mnt.mnt_flags = old->mnt.mnt_flags & ~MNT_WRITE_HOLD;
		801	/* Don't allow unprivileged users to change mount flags */
		802	if ((flag & CL_UNPRIVILEGED) && (mnt->mnt.mnt_flags & MNT_READONLY))
		803	mnt->mnt.mnt_flags \|= MNT_LOCK_READONLY;
		804
801	atomic_inc(&sb->s_active);	805	atomic_inc(&sb->s_active);
802	mnt->mnt.mnt_sb = sb;	806	mnt->mnt.mnt_sb = sb;
803	mnt->mnt.mnt_root = dget(root);	807	mnt->mnt.mnt_root = dget(root);
@@ -1713,6 +1717,9 @@ static int change_mount_flags(struct vfsmount *mnt, int ms_flags)
1713	if (readonly_request == __mnt_is_readonly(mnt))	1717	if (readonly_request == __mnt_is_readonly(mnt))
1714	return 0;	1718	return 0;
1715		1719
		1720	if (mnt->mnt_flags & MNT_LOCK_READONLY)
		1721	return -EPERM;
		1722
1716	if (readonly_request)	1723	if (readonly_request)
1717	error = mnt_make_readonly(real_mount(mnt));	1724	error = mnt_make_readonly(real_mount(mnt));
1718	else	1725	else
@@ -2339,7 +2346,7 @@ static struct mnt_namespace dup_mnt_ns(struct mnt_namespace mnt_ns,
2339	/* First pass: copy the tree topology */	2346	/* First pass: copy the tree topology */
2340	copy_flags = CL_COPY_ALL \| CL_EXPIRE;	2347	copy_flags = CL_COPY_ALL \| CL_EXPIRE;
2341	if (user_ns != mnt_ns->user_ns)	2348	if (user_ns != mnt_ns->user_ns)
2342	copy_flags \|= CL_SHARED_TO_SLAVE;	2349	copy_flags \|= CL_SHARED_TO_SLAVE \| CL_UNPRIVILEGED;
2343	new = copy_tree(old, old->mnt.mnt_root, copy_flags);	2350	new = copy_tree(old, old->mnt.mnt_root, copy_flags);
2344	if (IS_ERR(new)) {	2351	if (IS_ERR(new)) {
2345	up_write(&namespace_sem);	2352	up_write(&namespace_sem);
@@ -2732,6 +2739,51 @@ bool our_mnt(struct vfsmount *mnt)
2732	return check_mnt(real_mount(mnt));	2739	return check_mnt(real_mount(mnt));
2733	}	2740	}
2734		2741
		2742	bool current_chrooted(void)
		2743	{
		2744	/* Does the current process have a non-standard root */
		2745	struct path ns_root;
		2746	struct path fs_root;
		2747	bool chrooted;
		2748
		2749	/* Find the namespace root */
		2750	ns_root.mnt = &current->nsproxy->mnt_ns->root->mnt;
		2751	ns_root.dentry = ns_root.mnt->mnt_root;
		2752	path_get(&ns_root);
		2753	while (d_mountpoint(ns_root.dentry) && follow_down_one(&ns_root))
		2754	;
		2755
		2756	get_fs_root(current->fs, &fs_root);
		2757
		2758	chrooted = !path_equal(&fs_root, &ns_root);
		2759
		2760	path_put(&fs_root);
		2761	path_put(&ns_root);
		2762
		2763	return chrooted;
		2764	}
		2765
		2766	void update_mnt_policy(struct user_namespace *userns)
		2767	{
		2768	struct mnt_namespace *ns = current->nsproxy->mnt_ns;
		2769	struct mount *mnt;
		2770
		2771	down_read(&namespace_sem);
		2772	list_for_each_entry(mnt, &ns->list, mnt_list) {
		2773	switch (mnt->mnt.mnt_sb->s_magic) {
		2774	case SYSFS_MAGIC:
		2775	userns->may_mount_sysfs = true;
		2776	break;
		2777	case PROC_SUPER_MAGIC:
		2778	userns->may_mount_proc = true;
		2779	break;
		2780	}
		2781	if (userns->may_mount_sysfs && userns->may_mount_proc)
		2782	break;
		2783	}
		2784	up_read(&namespace_sem);
		2785	}
		2786
2735	static void mntns_get(struct task_struct task)	2787	static void mntns_get(struct task_struct task)
2736	{	2788	{
2737	struct mnt_namespace *ns = NULL;	2789	struct mnt_namespace *ns = NULL;